In the latest report by a Western cybersecurity company to finger Chinese state hackers, Mandiant earlier this week accused the People’s Liberation Army Unit 61398 of having orchestrated years of cyberattacks on more than 100 U.S. firms from a base in Shanghai. Hacking by the Chinese, whether by state technicians or patriotic individuals who are not directly employed by the government, has turned into a serious global risk. Although the Chinese government has repeatedly denied a state-sponsored hacking campaign, the list of cybertargets—from Western competitors of Chinese companies to human-rights groups that are critical of Beijing’s record—leaves little room for doubt that these raids originate from China. “These attacks only benefit the Chinese, not anyone else,” says Dr. Murray Jennex, a cybersecurity expert at San Diego State University. “They have so many more people who are able to hack than any other country.”
In a story in this week’s magazine, TIME profiles Wan Tao, once one of China’s most feared hongke, or red hackers, cyberwarriors motivated by patriotism to attack foreign digital victims:
While Chinese hackers boast about their exploits online, it’s rare to hear one articulate why he chose to hack for nationalist reasons. The story of Wan Tao, now 41, and his China Eagle Union—which at its height boasted hundreds of members who attacked foreign computer systems with the government’s tacit approval—gives an inside glimpse into the underground world of Chinese hackers: their motivation, exploitation and, in some cases, redemption.
Wan emphasizes that he never hacked officially for the government and didn’t steal information. He says he began his online forays because he was lured by a kind of independent, rebellious ethos shared by hackers worldwide. But there’s no question China Eagle Union’s hacking, which starting in 2000 infiltrated everything from U.S. government sites to Japanese politicians’ email accounts, fit the Chinese government’s agenda. Wan released a manifesto called “Building Hacker Culture with Chinese Characteristics.” His hacking collective’s theme song only enhanced his rock-star status among a growing corps of hongke. A sample lyric: “It doesn’t matter how hard the enemy’s shield is, we want him to know our sharpness. We are the China Eagles.”
Then in 2005, when anti-Japanese riots convulsed Chinese cities, the Chinese government began tamping down on the very xenophobic sentiment it had cultivated through nationalist education and propaganda. Once free to excoriate foreigners online, Wan was ordered by the authorities to delete inflammatory content from his website. He spent 20 hours erasing comments before collapsing from exhaustion and checking into a hospital. Wan’s own posts on domestic issues, such as the plight of Chinese farmers left behind by the country’s economic boom, were also censored. “I thought I had freedom online,” says Wan. “But I was wrong.”
At the same time, Internet crime began skyrocketing in China. From July 2011 to July 2012, nearly 260 million Chinese were victimized online, according to official statistics. Red hackers were morphing into what Chinese call black hackers, computer geeks who were lured into illegality by money.
China has begun cracking down on computer malfeasance within its borders, ranging from online banking fraud to corporate data robbery. Chinese cyberpolice have shut down child pornography websites in stings run with Americans, and new Chinese laws criminalize certain types of hacking. The head of a Chinese hacking school that used to openly advertise on the web—and at bus stations—was jailed.
Yet to this day, hongke have not been punished for their overseas assaults. It’s a double standard that raises troubling questions about China’s commitment to online lawfulness—even apart from the fact that the state is suspected of employing an army of hackers. “Even if hongke are doing it under the banner of safeguarding national security, hacking is not right,” says Wang Sixin, a law professor at the Communications University of China.
Meanwhile, Chinese hackers are being blamed for an ever-increasing number of raids on foreign soil. “I don’t believe there are thousands of Chinese hackers sitting in a room hacking for the government,” says Wan. He clumsily dodges a question about the recent hacking of American media, which was blamed on Chinese techies. “You can’t prove it came from China,” he says, explaining that just because an IP address is traced to China doesn’t mean the hacking originated there. But to go back to cybersecurity expert Jennex’s point, who else but China has an interest in such online attacks?
During a separate conversation, Wan admits that there are, indeed, Chinese who end up working for the state. Some, he says, are black hackers who have been caught by police and are pressured into government employment. He also gives the profile of the kind of kid who might end up hacking for China: “small-town boys who have little education and learned computers while their grandparents were supposed to be looking after them.” He dismisses them as “robots” and refuses to even call them hackers.
Today, Wan says he no longer hacks. He now runs a cybersecurity company with top Chinese firms and NGOs as his clients. Many of his employees came from China Eagle Union. (Other former union members are successful businessmen or in jail.)
Is Wan ever tempted to joust again with cyberwarriors across the globe? He shakes his head. Yet, he adds: “I’m still a hacker in spirit. I always will be.”
Full Story: China’s Hacker King